Rootless tripping on itself

Discussion in 'OS X El Capitan (10.11)' started by bisserwesser, Aug 4, 2015.

  1. bisserwesser macrumors newbie

    Joined:
    Jul 10, 2015
    #1
    I get this scrolling by in the verbose startup dialog after all el capitan updates:

    Aug 4 21:12:44 localhost kernel[0]: Sandbox: launchd(1) System Policy: deny(1) file-write-unlink /private/var/run/dyld_shared_cache_x86_64
    Aug 4 21:12:44 localhost kernel[0]: Sandbox: launchd(1) System Policy: deny(1) file-write-flags /private/var/run/dyld_shared_cache_x86_64.map
    Aug 4 21:12:24 localhost com.apple.xpc.launchd[1]: Failed to remove file or directory: name = dyld_shared_cache_x86_64, error = 1: Operation not permitted. Further logging suppressed.

    From what I understand, these files should be copied from /var/db/dyld to /var/run, but since not even root can delete these files, old caches lie around in that directory:

    -rw-r--r-- 1 root daemon 3 4 Aug 21:12 diskarbitrationd.pid
    -rw-r--r-- 1 root wheel 437135970 9 Jul 22:12 dyld_shared_cache_x86_64
    -rw-r--r-- 1 root wheel 98849 9 Jul 22:12 dyld_shared_cache_x86_64.map

    Of course you can't delete them with sudo either.

    How does this affect the system, though?
     
  2. xgman macrumors 601

    xgman

    Joined:
    Aug 6, 2007
    #2
    The first thing I will do upon installing EC is to disable rootless.
     
  3. leman macrumors 604

    Joined:
    Oct 14, 2008
    #3
    If you think that this causes any problems, submit a radar. Its probably entirely harmless. There are a lot of obsolete things hanging around the OS, that will fire an occasional warning or debug message.

    At any rate, these files are constantly being modified on my system. This means that the kernel has all the write access to it that it needs. All in all, system integrity protection is a great feature which is long overdue.
     
  4. bisserwesser thread starter macrumors newbie

    Joined:
    Jul 10, 2015
    #4
    Nothing can delete those files, even after disabling rootless. The kernel does not have access either, that is why these messages are generated.
     
  5. thejohnhoffer macrumors newbie

    thejohnhoffer

    Joined:
    Oct 8, 2016
    Location:
    #5
    Hi- did anyone ever end up solving this? I'm considering disabling rootless just to eliminate some of these excess console messages so I can find the source of the actual boot problem I'm looking for.
     

Share This Page